BENGALURU: Cognizant Technology Solutions has informed employees and California authorities that the majority of the personal information that was impacted by the Maze ransomware attack on the company was related to its corporate credit cards. These cards were issued to its employees.
“We regret that this incident occurred and take the security of your personal information seriously,” Becky Schmitt, chief people officer of Cognizant, said in a recent letter to employees and the regulators. She said they have given notice to all associates who have an active corporate credit card.
All associates with active cards will be offered credit and identity theft monitoring services from privacy technology company ID Experts. Cognizant has roped in the FBI to investigate who carried out the attack.
Cognizant expects a $50-$70 million impact due to the ransomware attack in the ongoing quarter. The IT firm said it learnt about the attack on April 20 and learnt that the attackers staged and likely exfiltrated a limited amount of data from Cognizant’s systems. Based on its investigation, this activity occurred between April 9 and 11.
“We notified the issuer of the cards of impacted accounts. They continue to monitor the account for any fraudulent activity and we have been informed that they have not seen an increase in fraud for our accounts,” Schmitt said.
Cognizant said it is taking all precautions to protect against potential misuse of personal information. As a precaution, Cognizant has arranged for its employees to enroll in a complimentary 12-month credit and dark web monitoring service provided by ID Experts, which also includes identity theft insurance coverage and managed identity restoration services.